IntegrationsBlogContact

AbuseIPDB

Enrich IP addresses with reputation, abuse reports, and network details from AbuseIPDB.

Malfors graph showing AbuseIPDB enrichment results for an IP address

Overview

AbuseIPDB collects abuse reports for IP addresses and turns them into reputation data. It helps you see whether an address has been reported for activity such as scanning, brute force attempts, spam, or other abuse.

Malfors uses AbuseIPDB to enrich IP addresses in your graph with abuse confidence, report counts, report categories, and recent report times. Where available, it also adds network context such as country, ISP, domain, and usage type.

This gives you a quick read on whether an IP has a known abuse history, so you can decide if it needs deeper investigation, blocking, or correlation with other evidence.

Configure

  1. Create an AbuseIPDB account and generate your API key.
  2. In Malfors, open Enrichments → AbuseIPDB → Add Token.
  3. Paste your token into the field and save.
  4. AbuseIPDB enrichments are now available.
Built byMalfors
Websiteabuseipdb.com